SANS ISC InfoSec Forums

If you are currently using MIT krb5 release krb5-1.7, a null pointer dereference has been reported where an unauthenticated remote attacker could cause the KDC to crash (DoS). This is not a vulnerability in the Kerberos protocol. A patch and a workaround has been made available here.
-----------